Category: 3. Business

  • Five key takeaways from London Climate Action Week 2025

    Five key takeaways from London Climate Action Week 2025

    A team of more than 50 ERM leaders and experts were on the ground at London Climate Action Week (LCAW) 2025. The 2025 iteration was by far the largest in the gathering’s seven-year history, with over 45,000 participants. ERM organized more than 10 events, including several with partners like the World Business Council for Sustainable Development (WBCSD) and the Natural Climate Solutions Alliance (NSCA).

    The week commenced with the launch of the WBCSD Business Breakthrough Barometer. To many people’s pleasant surprise, the Barometer reveals that 91 percent of 300 leading global businesses have maintained or increased investments in the clean energy and net zero transition vs 12 months ago, with 56 percent citing competitiveness as their primary reason for doing so. At least for this group of companies, backlash is not resulting in backslide.  

    Our team captured several key takeaways from our LCAW discussions with business leaders, investors, policymakers, and representatives of civil society organizations. We share insights on how to get from volatility to value and more below.  

    Navigate volatility

    1. With global uncertainty and upheaval prominent, companies need clear action plans to avoid being blown off course. The ERM-convened Council on Sustainability Transformation launched a report in the lead up to LCAW exploring how companies can reframe and retool their approaches to sustainability during this time of change.
    2. With the cost of inaction rising, companies need to quantify ‘do nothing’ options alongside other investment cases and take action that makes progress towards climate goals and generates business value simultaneously.
    3. An event we held with WBCSD on industrial heat highlighted how companies are expanding investments in renewable heat despite economic incertitude. Companies are turning towards technological innovation and partnerships to drive progress even when policy support may be insufficient.

    Adapt for each geography 

    1. A one-size-fits-all-geographies approach no longer works as companies shift from goal setting to implementation, as implementation needs to be tailored to each operating environment.
    2. Success depends on recognizing that the energy transition is place-based and emphasizing just transition. The effects of the transition will be felt most where activities occur (e.g., job creation or losses, local economic empowerment or displacement, enhanced adaptive capacity, etc.).
    3. No transition plan will succeed without people. Corporate speakers at a just transition roundtable we hosted in partnership with WBCSD said companies must account for the people-related impacts of their transitions and engage people in transition solutions.
    4. During an infrastructure-focused workshop hosted with WBCSD, participants stressed the importance of turning a local lens to physical risk mitigation and recognizing that direct (e.g., property damage) and indirect (e.g., supply chain disruptions) risks will vary by site and geography.

    Creating value requires getting into the details  

    1. Ana Toni, the CEO of COP30, said that businesses need to identify very specifically what they require to progress towards their climate goals. Doing this will enable ‘unlocks’ from policy makers, investors, and others in country plans (like Nationally Determined Contributions and National Adaptation Plans).
    2. The complexity of implementing targets and plans within the current operating environment is forcing companies to get down to details. ERM held LCAW sessions on the electrification of industrial heat, long-duration energy storage, and climate markets, including removals and decarbonization in the manufacturing and pharmaceutical sectors.
    3. Identifying how sustainability programs create enterprise value is essential. Whether growing market share, lowering operating costs, enhancing energy security, or lowering costs of capital, there are many opportunities to add value A blog ERM published before LCAW explores how companies can use financial quantification to help visualize the full benefits of their sustainability-related actions. There are hurdles as well. Companies participating in a financial quantification roundtable we co-hosted with WBCSD stressed that a lack of consistency in data quality and availability makes quantification difficult. 

    Own your narrative 

    1. Defining the narrative for your company’s climate action is critical. If you do not tell your story, someone else will. There is no room for greenhushing in a world where investors, policymakers, other businesses, and stakeholders demand to see evidence of tangible action linked to quantified outcomes.
    2. Outputs on sustainability – however impressive the metrics – mean little until they are set in the context of what matters to stakeholders. Think about framing your story from the outside in, starting with the meaningful outcomes you can deliver.
    3. Communication is an important vehicle for translating the financial quantification of sustainability into language that resonates within and beyond your organization. Tone matters—it is so important to be positive! Participants in an ERM/WBCSD session on quantification and communication stressed the need to avoid overemphasizing risk; human beings respond to inspiration.
    4. Narrative consistency is key—there cannot be one message for employees and another for investors. Participants at an ERM roundtable on sustainability in a volatile world emphasized the importance of transparent and consistent stakeholder communication in building trust and credibility.

    Seek opportunity 

    1. Opportunities emerge during volatility. Companies we spoke with are keeping their eyes open for places where they can create value and build sustainability momentum at the same time. Companies and financial institutions in Asia, for example, are innovating and investing in response to market needs, while global participants at an ERM-supported session on energy storage highlighted the use of the technology as a solution that can generate significant financial opportunity and be a powerful force for decarbonization.
    2. Carbon markets and water were high on the opportunity agenda at many of the sessions in which ERM participated. Companies are determining how to build business cases for these and other nature-related issues and integrate them into their sustainability strategies. As companies face pressure to achieve targets, participants underscored the importance of high-quality carbon credits. While concerns remain about greenwashing, logistical barriers, and the need for clearer standards and metrics, there was a consensus that demand stimulation, policy clarity, and technological innovation are crucial to scaling this key market.

    Delivering in uncharted territory

    Amidst the backdrop of an ever-changing world, a sense of what’s possible in the delivery of climate solutions that make commercial sense spread throughout the biggest LCAW ever. Themes like adaptation, value creation, narration, and opportunity identification emerged as strategies capable of helping companies forge ahead into uncharted territory. ERM was honored to contribute to the conversation.

    Continue Reading

  • Circular economy investment has surged since 2018, but high-impact solutions remain underfunded

    Circular economy investment has surged since 2018, but high-impact solutions remain underfunded

    The Circularity Gap Report Finance is the first empirical global study that quantifies and explains the global financial streams to circular business models, such as resale and repair, which allows for estimating the ‘gap’ in finance for a circular economy. It was authored by the Amsterdam-based impact organisation Circle Economy in collaboration with KPMG International, with support from the International Finance Corporation (IFC).

    The report highlights that circular economy investments can deliver risk-adjusted returns. Circular business models generate additional revenue, unlock new markets, and deliver greater value from fewer resources. In addition, circularity is emerging as a key strategy for the financial sector to manage resource risks from supply chain disruptions and material scarcity—risks that are now more relevant than ever, considering trade wars and geopolitical instability.

    The sector increasingly recognises these benefits: investment in the circular economy has grown from US$ 10 billion in 2018 to US$ 28 billion in 2023, peaking at US$ 42 billion in 2021. While this upward trend signals a strengthening business case for circularity, the failure to surpass the 2021 peak suggests waning momentum. Banks account for the majority of these investments in the form of debt. Nevertheless, circular investments still represent just 2% of all tracked capital (in the scope of this report), suggesting a vast unrealised potential.

    Investments mainly go to conventional applications of circularity, like rental and repair, which have existed for decades. High-impact solutions and innovations in design and production received just 4.7% of all investment, despite their potential to eliminate waste and pollution at the source.

    Continue Reading

  • Sectoral numerical targets in terms of the Employment Equity Act, 1998

    The Amendments to the Employment Equity Act, 1998, came into effect on 1 January 2025 and the Employment Equity Regulations (Regulations) were published on 15 April 2025 by the Minister of Employment and Labour.

    The Regulations establish five-year numerical targets for designated employers (ie employers who employ more than 50 employees) across 18 economic sectors: accommodation and food service activities; administrative and support activities; agriculture, forestry & fishing; arts, entertainment and recreation; construction; education; electricity, gas, steam and air conditioning supply; financial and insurance activities; human health and social work activities; information and communication; manufacturing; mining and quarrying; professional, scientific and technical activities; public administration and defence; compulsory social security; real estate activities; transportation and storage; water supply, sewerage, waste management and remediation activities; wholesale and retail trade; and repair of motor vehicles and motorcycles.

    In terms of the Regulations designated employers must adopt a five-year employment equity plan based on the sectoral targets which include a 3% disability employment goal.

    Going forward designated employers will only be able to obtain a certificate of compliance to do work for government if they have met the applicable sectoral targets or have a reasonable ground for non-compliance; and provided that there have been no complaints of unfair discrimination in relation to that employer.

    Continue Reading

  • Elon Musk’s xAI raises $10 billion in debt and equity

    Elon Musk’s xAI raises $10 billion in debt and equity

    Elon Musk announced his new company xAI, which he says has the goal to understand the true nature of the universe.

    Jaap Arriens | Nurphoto | Getty Images

    XAI, the artificial intelligence startup run by Elon Musk, raised a combined $10 billion in debt and equity, Morgan Stanley said.

    Half of that sum was clinched through secured notes and term loans, while a separate $5 billion was secured through strategic equity investment, the bank said on Monday.

    The funding gives xAI more firepower to build out infrastructure and develop its Grok AI chatbot as it looks to compete with bitter rival OpenAI, as well as with a swathe of other players including Amazon-backed Anthropic.

    In May, Musk told CNBC that xAI has already installed 200,000 graphics processing units (GPUs) at its Colossus facility in Memphis, Tennessee. Colossus is xAI’s supercomputer that trains the firm’s AI. Musk at the time said that his company will continue buying chips from semiconductor giants Nvidia and AMD and that xAI is planning a 1-million-GPU facility outside of Memphis.

    Addressing the latest funds raised by the company, Morgan Stanley that “the proceeds will support xAI’s continued development of cutting-edge AI solutions, including one of the world’s largest data center and its flagship Grok platform.”

    xAI continues to release updates to Grok and unveiled the Grok 3 AI model in February. Musk has sought to boost the use of Grok by integrating the AI model with the X social media platform, formerly known as Twitter. In March, xAI acquired X in a deal that valued the site at $33 billion and the AI firm at $80 billion. It’s unclear if the new equity raise has changed that valuation.

    xAI was not immediately available for comment.

    Last year, xAI raised $6 billion at a valuation of $50 billion, CNBC reported.

    Morgan Stanley said the latest debt offering was “oversubscribed and included prominent global debt investors.”

    Competition among American AI startups is intensifying, with companies raising huge amounts of funding to buy chips and build infrastructure.

    OpenAI in March closed a $40 billion financing round that valued the ChatGPT developer at $300 billion. Its big investors include Microsoft and Japan’s SoftBank.

    Anthropic, the developer of the Claude chatbot, closed a funding round in March that valued the firm at $61.5 billion. The company then received a five-year $2.5 billion revolving credit line in May.

    Musk has called Grok a “maximally truth-seeking” AI that is also “anti-woke,” in a bid to set it apart from its rivals. But this has not come without its fair share of controversy. Earlier this year, Grok responded to user queries with unrelated comments about the controversial topic of “white genocide” and South Africa.

    Musk has also clashed with fellow AI leaders, including OpenAI’s Sam Altman. Most famously, Musk claimed that OpenAI, which he co-founded, has deviated from its original mission of developing AI to benefit humanity as a nonprofit and is instead focused on commercial success. In February, Musk alongside a group of investors, put in a bid of $97.4 billion to buy control of OpenAI. Altman swiftly rejected the offer.

    CNBC’s Lora Kolodny and Jonathan Vanian contributed to this report.

    Continue Reading

  • S&P Dow Jones Indices Collaborates with Centrifuge to Bring the S&P 500 Index Onchain, Expanding Access to the World’s Most Widely Recognized Benchmark

    S&P Dow Jones Indices Collaborates with Centrifuge to Bring the S&P 500 Index Onchain, Expanding Access to the World’s Most Widely Recognized Benchmark

    NEW YORK, July 1, 2025 /PRNewswire/ — S&P Dow Jones Indices (“S&P DJI”), the world’s leading index provider, today announced its plans to collaborate with Centrifuge, a decentralized infrastructure provider specializing in real-world asset (RWA) integration, to enter the fund tokenization space by licensing the S&P 500 Index. This initiative extends the reach of the S&P 500 into onchain investment products and protocols.

    S&P Dow Jones Indices logo (PRNewsfoto/S&P Dow Jones Indices)

    For 125 years and counting, S&P DJI’s indices have provided a liquid foundation for increased adoption of index-based investing around the world. By licensing Centrifuge to provide exposure and bring the S&P 500 Index onchain, a blockchain-native investment vehicle will for the first time be built, governed, and accessed directly through Centrifuge’s RWA infrastructure, rather than via traditional brokerages. Anemoy Capital, a web3 native asset manager powered by Centrifuge, has been licensed by S&P DJI along with Janus Henderson, a leading global asset manager, as the sub-advisor for the fund, to offer the Janus Henderson Anemoy S&P 500 Index Fund Segregated Portfolio, which is planned to launch later this year subject to regulatory approval.

    “At S&P Dow Jones Indices, our mission is to bring trusted benchmarks to every investor, today and tomorrow. Today’s announcement places The 500™ at the forefront of index tokenization and real-world asset integration and brings the innovation of decentralized infrastructure to the most iconic financial index in the world,” said Cameron Drinkwater, Chief Product Officer at S&P Dow Jones Indices. “Our collaboration with Centrifuge enables investors to gain direct exposure to the S&P 500 Index –– within a blockchain ecosystem that supports liquidity, transparency and interoperability. The potential from here – real-time, programmable, automated and 24/7 indexed portfolio solutions – is incredibly exciting.”

    This collaboration combines S&P DJI’s premiere S&P 500 Index and unmatched index data quality with Centrifuge’s blockchain technology to create one of the first digital tokens that represents exposure to the S&P 500 Index. The digital tokens can then be owned, used and transferred through the blockchain, initially providing access to a broader range of market participants. In the future, by licensing S&P DJI’s indices to be embedded directly into DeFi protocols, other tokenized assets and compliant digital investment platforms can provide equal market access and choice to blockchain-native investors and those without access to traditional investment products.

    “Bringing the S&P 500 Index onchain is more than a technical milestone, it represents a shift in how institutional portfolios can be constructed and accessed. For the first time, the world’s most trusted benchmark is available through open, transparent, and programmable infrastructure. At Centrifuge and Anemoy, our focus is to establish ‘onchain indices,’ as a core category of onchain asset allocation, bringing institutional-grade products to a decentralized financial system. We are proud to collaborate with S&P Dow Jones Indices and look forward to what this unlocks for the future of onchain finance,” said Anil Sood, Chief Strategy and Growth Officer at Centrifuge and Co-Founder of Anemoy.

    The introduction of tokenization further expands S&P DJI’s existing portfolio of digital asset initiatives, which includes its cryptocurrency indices, ranging from single-coin indices to multi-asset solutions. S&P DJI’s diverse offering is designed to provide choice for market participants looking to effectively navigate the growing DeFi and digital asset space.

    For more information about S&P Dow Jones Indices, please visit https://www.spglobal.com/spdji/en/.

    S&P Global’s digital asset capabilities support transparency and informed decision-making at the intersection of decentralized innovation and traditional finance. To learn more about S&P Global’s DeFi initiatives please click here. 

    For more information about Centrifuge, please visit https://centrifuge.io/.

    ABOUT S&P DOW JONES INDICES

    S&P Dow Jones Indices is the largest global resource for essential index-based concepts, data and research, and home to iconic financial market indicators, such as the S&P 500® and the Dow Jones Industrial Average®. More assets are invested in products based on our indices than products based on indices from any other provider in the world. Since Charles Dow invented the first index in 1884, S&P DJI has been innovating and developing indices across the spectrum of asset classes helping to define the way investors measure and trade the markets.

    S&P Dow Jones Indices is a division of S&P Global (NYSE: SPGI), which provides essential intelligence for individuals, companies, and governments to make decisions with confidence. For more information, visit https://www.spglobal.com/spdji/en/.

    The S&P 500 Index is a product of S&P Dow Jones Indices LLC or its affiliates (“S&P DJI), and has been licensed for use by Anemoy Capital Ltd. (“Anemoy”) and k-f dev AG (“Centrifuge”).  S&P®, S&P 500®, SPX®, SPY®, US 500™, The 500™, iBoxx®, iTraxx® and CDX® are trademarks of S&P Global, Inc. or its affiliates (“S&P”); Dow Jones® is a registered trademark of Dow Jones Trademark Holdings LLC (“Dow Jones”); and these trademarks have been licensed for use by S&P DJI and sublicensed for certain purposes by Anemoy and Centrifuge. Funds based on the S&P 500 are not sponsored or sold by S&P DJI, Dow Jones, S&P, their respective affiliates and none of such parties make any representation regarding the advisability of investing in such products nor do they have any liability for any errors, omissions, or interruptions of the S&P 500 Index.

    FOR MORE INFORMATION:

    Silke Mcguinness 
    Global Head of Communications
    (+1) 415 205 8414
    silke.mcguinness@spglobal.com 

    Alyssa Augustyn
    Americas Communications
    (+1) 773 919 4732
    alyssa.augustyn@spglobal.com

    Asti Michou
    EMEA Communications
    +44 (0) 79 70 887 863
    asti.michou@spglobal.com 

     

    SOURCE S&P Dow Jones Indices

    Continue Reading

  • RWE to produce solar power for KRONOS TITAN at Nordenham site

    RWE to produce solar power for KRONOS TITAN at Nordenham site

    RWE and KRONOS TITAN (KRONOS) are breaking new ground in the sustainable energy supply of industrial sites. RWE plans to build and operate a ground-mounted photovoltaic plant with an output of 24.7 megawatts peak on a 20-hectare site at the KRONOS location in Nordenham, Lower Saxony. RWE has leased the land for this project from KRONOS, and KRONOS will purchase the green electricity generated there by means of a long-term PPA. Construction of the solar plant is scheduled to begin in summer, with commissioning planned for spring 2026.

    Carsten Büsing, Plant Manager of KRONOS TITAN GmbH at the Nordenham site: “We are delighted to be working with RWE to lead our site into a more sustainable future. With the new solar farm, we can cover a significant part of our energy needs with green electricity. This plant plays a crucial role in achieving our transformation goals and underlines our commitment to environmentally friendly solutions at the site.”

    Katja Wünschel, CEO RWE Renewables Europe & Australia GmbH: “The joint project with KRONOS TITAN shows how industrial customers can play an active role in the energy transition. They provide land and we take over the planning, construction, investment and operation of the solar farm. The customer receives long-term green electricity at predictable conditions. In this way, we combine our expertise in the expansion of renewable energies with our experience in energy trading.”

    A total of around 38,200  solar modules will generate approximately 22,000 megawatt hours of electricity per year, enough to cover a significant part of KRONOS’ electricity requirements at the Nordenham site. The immediate neighbours have also been notified about the joint project of RWE and KRONOS.

    An image for media purposes is available in the RWE media library (Image rights: KRONOS TITAN).

     

    Continue Reading

  • Taiwan’s currency jumps as life insurers rush to hedge against weak US dollar – Financial Times

    Taiwan’s currency jumps as life insurers rush to hedge against weak US dollar – Financial Times

    1. Taiwan’s currency jumps as life insurers rush to hedge against weak US dollar  Financial Times
    2. Taiwan Dollar Surges More Than 2% as Traders Test Central Bank  Bloomberg
    3. Asian currencies: Taiwan dollar hits 3-year high  Business Recorder
    4. Taiwan Dollar Strength Spells Trouble for Tech Exporters, Insurers  WSJ
    5. Taiwan Dollar Rallies  TradingView

    Continue Reading

  • ECB Consumer Expectations Survey results – May 2024

    V češtině není k dispozici.

    1 July 2025

    Compared with April 2025:

    • median consumer perceptions of inflation over the previous 12 months remained unchanged, while median expectations for inflation one and three years ahead decreased, and median inflation expectations for five years ahead remained unchanged;
    • expectations for nominal income growth over the next 12 months increased, while expectations for spending growth over the next 12 months decreased;
    • expectations for economic growth over the next 12 months became less negative, while the expected unemployment rate in 12 months’ time decreased;
    • expectations for growth in the price of homes over the next 12 months remained unchanged, while expectations for mortgage interest rates 12 months ahead declined.

    Inflation

    In May, the median rate of perceived inflation over the previous 12 months remained unchanged at 3.1% for the fourth consecutive month. This was its lowest level since September 2021. Median expectations for inflation over the next 12 months decreased by 0.3 percentage points to 2.8%. Expectations for three years ahead also decreased, by 0.1 percentage points, to 2.4% while expectations for inflation five years ahead were unchanged at 2.1% for the sixth consecutive month. Uncertainty about inflation expectations over the next 12 months decreased in May, reversing the increase observed in April. While the broad evolution of inflation perceptions and expectations remained relatively closely aligned across income groups, over the previous year and a half inflation perceptions and short-horizon expectations for lower income quintiles were, on average, slightly above those for higher income quintiles. Younger respondents (aged 18-34) continued to report lower inflation perceptions and expectations than older respondents (aged 35-54 and 55-70), albeit to a lesser degree than in previous years.

    Inflation results

    Income and consumption

    Consumers’ nominal income growth expectations over the next 12 months increased to 1.0%, from 0.9% in April. This increase was observed across all income groups. Perceived nominal spending growth over the previous 12 months increased to 5.0%, from 4.9% in April. Conversely, expected nominal spending growth over the next 12 months decreased to 3.5% in May, from 3.7% in April. This decrease was prevalent across all income quintiles, except for the lowest income group.

    Income and consumption results

    Economic growth and labour market

    Economic growth expectations for the next 12 months became less negative, standing at -1.1% in May compared with -1.9% in April. Expectations for the unemployment rate 12 months ahead decreased to 10.4%, from 10.5% in April. Consumers continued to expect the future unemployment rate to be only slightly higher than the perceived current unemployment rate (9.9%), implying a broadly stable labour market.

    Economic growth and labour market results

    Housing and credit access

    Consumers expected the price of their home to increase by 3.2% over the next 12 months, which was unchanged from April. Households in the lowest income quintile continued to expect higher growth in house prices compared with those in the highest income quintile (3.5% and 3.1% respectively). Expectations for mortgage interest rates 12 months ahead declined to 4.4%, from 4.5% in April. As in previous months, the lowest income households expected the highest mortgage interest rates 12 months ahead (4.9%), while the highest income households expected the lowest rates (4.1%). The net percentage of households reporting a tightening (relative to those reporting an easing) in access to credit over the previous 12 months declined. The net percentage of those expecting a tightening over the next 12 months declined as well, reversing the increase seen in April.

    Housing and credit access results

    The release of the Consumer Expectations Survey (CES) results for June is scheduled for 29 July 2025.

    For media queries, please contact: Benoit Deeg, tel.: +49 172 1683704.

    Notes

    • Unless otherwise indicated, the statistics presented in this press release refer to the 2% winsorised mean. For further details, see ECB Consumer Expectations Survey – Guide to the computation of aggregate statistics.
    • The CES is a monthly online survey of, currently, around 19,000 adult consumers (i.e. aged 18 or over) from 11 euro area countries: Belgium, Germany, Ireland, Greece, Spain, France, Italy, the Netherlands, Austria, Portugal and Finland. The main aggregate results of the CES are published on the ECB’s website every month. The results are used for policy analysis and complement other data sources used by the ECB.
    • Further information about the survey and the data collected is available on the CES web page. Detailed information can also be found in the following two publications: Bańkowska, K. et al., “ECB Consumer Expectations Survey: an overview and first evaluation”, Occasional Paper Series, No 287, ECB, Frankfurt am Main, December 2021; and Georgarakos, D. and Kenny, G., “Household spending and fiscal support during the COVID-19 pandemic: Insights from a new consumer survey”, Journal of Monetary Economics, Vol. 129, Supplement, July 2022, pp. S1-S14.
    • The survey results do not represent the views of the ECB’s decision-making bodies or staff.

    Continue Reading

  • Authentication versus identification and the use of the Singapore NRIC number

    Authentication versus identification and the use of the Singapore NRIC number

    Following the recent unmasking of Singapore National Registration Identity Card (“NRIC”) numbers by the Accounting and Corporate Regulatory Authority (“ACRA”), both the ACRA and Cyber Security Agency (“CSA”) have issued guidance on moving away from using NRIC numbers for authentication and password purposes in the private sector.

    With data protection undoubtedly a top concern and priority for individuals and organisations today, our commentary reviews this significant shift in best practices for authentication in Singapore, and the need for education on the appropriate use of NRIC numbers.

    Unmasking the Singapore NRIC number

    In December 2024, there was a public furore over the inadvertent unmasking of Singapore NRIC numbers by ACRA. A member of the public had, by chance, discovered that the refreshed online portal ACRA had rolled out featured a new search function (which was later disabled) that allowed the full NRIC numbers of individuals registered on its database to be accessed free of charge (i.e. Bizfile People Search). This led to the government issuing a public apology later in December and instituting a review panel to investigate the incident.

    Thereafter, in the same month, the Ministry of Digital Development and Information (“MDDI”) issued a statement outlining the appropriate use and misuse of NRIC numbers, which invited public debate. The MDDI made the following key points in its statement:

    • As there is little value in masking the NRIC number, the government had been preparing to change the existing practice of masking the NRIC number and move towards unmasking the same eventually. The MDDI explained that masked NRIC numbers actually give individuals a false sense of security. This was because, using some basic algorithms, it was possible to uncover an individual’s full NRIC number from the masked number, especially if the year of birth of the individual was also known.
    • In 2025, the MDDI and Personal Data Protection Commission (“PDPC”) plan to start educating the public on how the NRIC number should be used freely as a personal identifier in the same way individuals use their names, and the correct steps that ought to be taken for security, which would involve the proper use of authentication and passwords.

    Review panel findings

    In March 2025, the government shared the panel’s findings of internal communication errors between ACRA and the MDDI. ACRA’s misinterpretation of the MDDI’s internal directive on NRIC numbers had led ACRA to launch Bizfile People Search with full NRIC numbers alongside corresponding names in the search results, instead of partial NRIC numbers, which had been what was intended. ACRA, together with the Ministry of Finance, and separately, the MDDI, apologised for the incident.

    New guidelines on the use of NRIC numbers

    On 26 June 2025, ACRA and the CSA issued a joint advisory[1] to guide private organisations on ceasing the use of NRIC numbers for authentication of an individual. On the back of this, the MDDI similarly issued a press release[2] on stopping the use of NRIC numbers as passwords in the private sector. The public can expect more sector-specific guidance in the coming months as the government is working with regulated sectors such as finance, healthcare, and telecommunications to develop them.

    Isn’t the NRIC number private information?

    Public understanding and consensus has always been that an individual’s NRIC number is private and confidential and, unless required by law, the disclosure of the same is subject to that individual’s consent. This is consistent with the fact that an individual’s full NRIC number is usually masked, whether at the point of collection or disclosure. For instance, the collection of individuals’ NRIC numbers by organisations (in both the public or private sector) for various purposes tends to only require the provision of the last four characters of the NRIC number (i.e. last three numerical digits and checksum of the NRIC number e.g. 567A where the full NRIC number is S1234567A). On the occasion where an announcement of contest winners set outs their names and NRIC numbers, full NRIC numbers would not be spelled out – only the last four characters would be published. Partial disclosure was and is the norm, and a widely-accepted general practice.

    The classified nature of NRIC numbers is especially entrenched in the consciousness of the Singaporean public, as it is used by individuals to conduct their private matters. In Singapore, banks and insurers customarily require customers to identify themselves by entering their NRIC number over calls to their hotlines, or online for use of digital services, as part of their customer verification protocol. While fund transfers may require multi-factor authentication (“MFA”), of which entering the NRIC number may only comprise one component, some banks have opted to accept NRIC numbers to expedite customer verification in urgent cases of fraud or scam prevention. Additionally, banks and insurers often prescribe passwords that are a combination of the customer’s full or partial NRIC number and date of birth, to unlock password protected documents such as bank statements, insurance policies or related documents. Needless to say, these documents are secured in this way because they contain sensitive personal data (e.g. financial and health information).

    Would the disclosure of an NRIC number constitute a data breach?

    We would highlight that even partial NRIC numbers are considered personal data under the Personal Data Protection Act 2012 (“PDPA”), to the extent that an individual can be identified from the partial NRIC number. This is the view the PDPC has taken in its Advisory Guidelines on the PDPA for NRIC and other National Identification Numbers (“Advisory Guidelines”), which were issued on 31 August 2018 (but which is due to be updated). The PDPC had in 2020 also published a series of Frequently Asked Questions for individual and organisations in relation to the treatment of NRIC numbers and physical NRICs, and this appears to have been updated in the light of recent developments.

    While the public sector is not subject to the PDPA (although under the Public Sector (Governance) Act 2018, public agencies are required to comply with IM8, which is reportedly a set of instructions aligned with the PDPA but adapted to the public service context), the public outcry that followed the ACRA incident was not surprising. Had the incursion been traced to a private sector entity, it would have been considered a data breach – an unauthorised disclosure of personal data. Accordingly, it would have required mandatory notification to the PDPC, and could also trigger enforcement action by the PDPC.

    A notifiable data breach is one that could cause significant harm or is of significant scale. Significant harm occurs where there is physical, psychological, emotional, economic, financial harm, harm to reputation and other harms that a reasonable person would identify as a possible outcome of a data breach. While there are prescribed categories of personal data that if disclosed would cause significant harm (e.g. full name/ alias/ identification number in combination with items such as salary information/ credit card number/ bank account number/ health information, or account name/ number/ username, or account access information like biometric data/ security code/ password/ answer to security question etc), unauthorised access to an NRIC number is likely to cause significant financial harm to the holder of that NRIC number, because of the possibility for that number to be misused for identity theft or fraudulent purposes. For the avoidance of doubt, even though an individual’s full name would constitute personal data, a data breach involving the disclosure of an individual’s full name alone (without any other accompanying personal data) would not give rise to significant harm.

    Authentication versus identification

    Both the joint advisory by the PDPC and CSA, and the MDDI’s statement in June 2025 distinguish between the authentication and identification of an individual.

    Authentication is the more critical process of proving that an individual is who he/ she claims to be; and successful authentication is a condition precedent to permitting the individual to access services or information intended only for him/ her. On the other hand, identification is the act of differentiating one individual from another, and is an end in itself. While both are forms of verification, it is clear that authentication should not be treated as a lockstep process as there are higher stakes involved.

    On a related note, a Straits Times Forum letter published on 20 June 2025 titled “Stronger safeguards needed for inter-bank transfers” suggests that authentication should be more layered so as to be watertight. The letter flagged the recent case of a car salesman cheating buyers of over S$341,000 by having them transfer payment to his personal account instead of the company account. The writer was troubled by the lack of built-in checks in interbank transfers to ensure that the name of the recipient matches the name of the holder of the account to which the funds are being transferred. There is no such gap for cheques/ banker’s drafts/ cashier’s orders as bank tellers would have to extract the name of the account holder from the account number, and verify that such name tallied with the printed payee’s name. Mandatory name verification for large transfers was proposed as a safeguard to plug this gap. On 26 June 2025, the Monetary Authority of Singapore stated that it would consider the writer’s suggestion as part of its efforts to better protect customers against fraudulent or erroneous transfers.

    Returning to the use of passwords as a method of authentication, the government’s position is that in order for passwords to serve as a reasonably robust defence against unauthorised account access, passwords should not contain information that can be obtained easily, such as full names or their permutations, NRIC numbers, or dates of birth.

    The issue the government is trying to address is two-pronged:

    • individuals have been using their NRIC numbers, whether partially or in their entirety as their passwords or part of their passwords, to log into their digital accounts;
    • organisations have been using full or partial NRIC numbers to authenticate individuals, by setting passwords on their behalf as account log-in credentials, or to enable them to access privileged information (such as unlocking password protected documents), or to perform privileged transactions.

    The misuse or publication of NRIC numbers is therefore a real concern, as those privy to another’s NRIC number may be able to abuse this information for impersonation and fraud.

    Accordingly, an NRIC number should be treated like an individual’s name – neither of which would, whether separately or together, in full or in part, together with other easily obtainable personal data (e.g. passwords combining an individual’s partial NRIC number and date of birth, such as “567A1Jan2025”), suffice for authentication. Both are simply means of identification.

    Organisations and individuals should expedite their transitions away from the practice of deploying NRIC numbers as an authentication measure and consider adopting the following options for purposes of authenticating an individual instead:

    • More specific and uncommonly known information that only that individual knows (e.g. complex password);
    • An item that only that individual would possess (e.g. security token, smart card);
    • An attribute that only that individual would possess (e.g. fingerprint, face, iris, palm vein).

    The last two options offer stronger phishing resistance than the first. In terms of passwords, a strong one with enough complexity is typically composed of a series of random words; and where passwords are used, two-factor authentication (“2FA”) or even MFA are recommended as additional layers of security. Essentially, an individual’s name and NRIC number should not be used as passwords or as any basis of authentication.

    In fact, the physical NRIC, which indicates an individual’s NRIC number, could be employed as a factor of authentication, as it contains other details (e.g. photo and thumbprint) which can be verified in person, and these additional features serve as security/ safeguards that the NRIC number on its own lacks. 

    It is worth noting that the PDPC had previously issued a Technical Guide to the Advisory Guidelines (likewise scheduled to be updated) which provides organisations with tips for the replacement of NRIC numbers as identifiers for individuals, in their applications, websites or other public-facing computer systems.

    The PDPC and CSA advise organisations to adopt a risk-based approach when choosing the appropriate authentication method. Factors to consider in designing a bespoke approach include:

    • Value and sensitivity of what is being protected;
    • Potential threats and vulnerabilities of the authentication method; and
    • User experience and accessibility when using the authentication method.

    The PDPC encourages organisations to take reference from the PDPC’s Guide to Data Protection Practices for ICT Systems (pages 15 to 16) in devising their authentication practices. For example, 2FA, MFA and complex passwords are particularly important for administrative accounts, as unauthorised access of these very accounts remains one of the most common root causes of data breaches to date. Staff training and restrictions on privileged account changes would also be prudent measures to implement as part of efforts to promote this sea change in mindset.

    It is uncontroversial that one’s NRIC number is a unique/ personal identifier. But it will take time for the public education drive to dislodge the deeply embedded, age-old notion that an individual’s NRIC number is private knowledge that an individual is entitled to withhold.

    Nonetheless, until the relevant PDPC advisories are formally amended, the NRIC number (as a personal identifier) continues to be subject to the PDPA, and the unauthorised disclosure of the same could engender significant harm. Organisations that handle personal data (which includes NRIC numbers) must still comply with their data protection obligations under the PDPA – beginning with obtaining valid consent from the individual, followed by adhering to purpose and retention limitations, and making reasonable security arrangements to protect the personal data, etc.

    Exploitation of personal data and the NRIC number

    Cybersecurity awareness amongst organisations and individuals alike is key to avoiding the exploitation of personal data. IT forensics experts have identified new threat actor tactics that could theoretically take advantage of the unmasking of the NRIC number. For example, a prominent threat actor group known by the name of “Scattered Spider” has gained notoriety of late for using social engineering techniques to effect data breaches on its victims. “Scattered Spider” has targeted IT helpdesks by deploying social manipulation techniques including adopting local accents and capitalising on publicly available information associated with mid-level IT personnel and network engineers to convince IT helpdesk staff to reset employee accounts without setting off alarm bells. NRIC numbers could certainly be exploited by the likes of “Scattered Spider” in their data breach attempts.

    Key lessons

    • Singapore NRIC numbers should be used for purposes of identification only and should not be used as a means of authentication to facilitate the provision of a service or the retrieval of information.
    • Organisations and individuals must relook at existing practices of deploying NRIC numbers as authentication measures, including using them as passwords, and phase these out.
    • Passwords should not contain NRIC numbers, as the likelihood of one’s NRIC number being compromised and misappropriated is a serious possibility.
    • Multiple independent forms and stages of authentication are recommended, and organisations and individuals should stay vigilant of security risks and take active steps to install effective safeguards.

    Kennedys regularly advises on data protection laws and cyber incidents in Singapore and worldwide. If you require any assistance in this regard, please contact our authors.

     

    [1] https://www.pdpc.gov.sg/help-and-resources/2025/06/joint-advisory-against-using-nric-numbers-for-authentication-by-the-personal-data-protection-commission-pdpc-and-cyber-security-agency-of-singapore-csa

    [2] https://www.mddi.gov.sg/newsroom/stopping-the-use-of-nric-numbers-as-passwords-in-the-private-sector/

     

    Continue Reading

  • Evaluation of real-world vehicle emissions in Kampala, Uganda

    Evaluation of real-world vehicle emissions in Kampala, Uganda

    The TRUE Initiative, in partnership with the United Nations Environment Programme, conducted a groundbreaking remote sensing campaign, the first of its kind in Africa, to offer real-world insight into the levels of pollution from vehicles operating in Kampala, Uganda.

    Using plume chase technology, where a vehicle equipped with emission analyzers follows a target vehicle while sampling its exhaust plume, this project captured real-world snapshots from Kampala’s fleet in 2024. Researchers analyzed the results and observed that:

    • Over 50% of gasoline passenger cars exhibited average nitrogen oxides (NOx) emissions consistent with pre-Euro certifications, suggesting potential malfunctions or removal of catalytic converters. Although newer gasoline passenger cars under 8 years old showed lower NOx emissions than older cars, their levels were still 5.5 times higher on average than Euro 4 limits.
    • Diesel heavy commercial vehicles under 8 years of age showed 14% higher average NOx emissions than older counterparts. Similarly little differences in average real-world NOx emissions were observed among older and newer diesel vehicles across other groups— passenger cars, minibuses, and light commercial vehicles.
    • Diesel minibuses, which had an average age of 25 years, showed NOx emissions more than 9 times higher than Euro 4 limits and elevated black carbon (BC) emissions. At least 16% of diesel minibuses over 15 years old exhibited visible black smoke from their exhaust during measurement and exhibited 6 times higher average BC emissions than vehicles aged between 8 and 15 years.

    Uganda is already working to improve air quality, including by outlining new programs under its National Environment (Air Quality Standards) Regulations and e-mobility strategy. Based on these results, the TRUE Initiative recommends a strengthening of import requirements on all vehicle imports and developing a roadmap to meet Euro 6 standards. For maximum benefits, this should be complemented by routine vehicle inspection programs and mandatory follow-up maintenance that would quickly identify and repair high emitters. Finally, prioritizing public transport and modernizing the aging taxi minibus fleet would significantly reduce vehicle-related air pollution.

    Cover Photo: Attendees participated in a live demonstration of plume chasing technology during a kick-off event for TRUE’s remote-sensing campaign in Kampala, Uganda. The workshop was organized by UNEP and local partners in July 2024.

    Continue Reading